Imagine how much of a non-problem malicious hacking would be if the government hadn't started persecuting hackers back in the day. Actual secure software techniques would have been developed out of necessity, and at the very least people would take the concept of an 'air gap' seriously (like perhaps not hooking process control equipment up to the Internet!). But once again, their hubris led them to believe that man-made "laws" could declare away an undesirable emergent behavior, and society went full speed ahead in deploying highly brittle systems while the threats were reassuringly out of sight.
The news here isn't that China has been hacking US companies. The news is that the USA has started calling them out on it. I wonder if this signals a shift in foreign policy?
True. This hacking certainly gives CIOs and cybersecurity chiefs something to point at when justifying budgets and centralizing initiatives. The hacking has undesirable consequences far beyond just the loss of IP.
I doubt it has anything to do with foreign policy and more to do with pushing from the private sector (i.e. RSA, Symantec etc.).
If they were really concerned about espionage and eavesdropping, the first thing they would do is make sure that the phone lines to the White House were run by domestic companies and not a company with links to Israeli intelligence.
Even if politicians won't admit it during one of the more negative election seasons, America's economy is improving and becoming less reliant on China. That being said, we are becoming more confident in the fact that sooner or later we won't need them and that we won't have to keep taking these attacks because of our dependence. Hopefully we can improve our defense and maybe do some offense.
I posted the following in another thread the other day, but that thread was deleted. I think it is relevant here:
--------
I worked for a company that was acquired by Lockheed. I ran IT and had already spent a few years 100% rebuilding the infrastructure of the company when I joined.
As we were assimilated I worked with IS&S and their security teams closely to ensure our security measures were up to snuff with Lockheed's requirements (we built the RFID tracking system the military used for shipping pretty much everything).
In our security meetings, we were briefed on activities that were happening, what we needed to do and why.
China was constantly attacking Lockheed and all other defense contractors.
They were pretty sophisticated in how they did it; targeted spear phishing was one of their successes:
Chinese spies would attend defense contractor events - meet and seek out Lockheed and other employees. Get their business cards and spoof mail from one employee to the other, referring to events that occurred at the convention to get people to click on shit that would be a trojan.
These trojans were rather sophisticated in that they would operate very very slowly to trickle pieces of information out. Sometimes they were very specific pieces of information.
I don't recall exactly how this was found out, but someone's machine was being checked out - and in the process the trojan was found. When the Chinese were alerted to the fact that the trojan had been found, they turned whatever their bot-net was up to 11 and attempted to just mass send out as much data as they could.
(All of Lockheed only has (I think) 3 connections to the internet)
They cut it off and had to get rid of these trojans.
Another time, a supplier (I think it was in Taiwan, I can't recall exactly) was hacked and its machines would install stuff on any USB sticks used.
Lockheed machines were not allowed to connect to non-Lockheed networks, via Wifi or any other means. So they would use USB sticks to transfer stuff.
The Chinese went after the supplier's machines as a vector to get connected with the Lockheed machines.
I have mentioned this stuff here on HN before, and in light of China's 50-100 year vision for where they want to be, we are basically fucked.
The Chinese have been securing access to all major natural resources in Africa, as well as being the manufacturing hub for EVERYTHING - while the US government is squabbling over petty short term profit efforts and securing a diminishing resource (oil).
This is not to say the US is some slouch in the cyber security space; Stuxnet and Duqu are clearly US/Israel cyber attacks that are amazing.
But anyone would be a fool to not be very wary of where the online digital war is headed.
Yes. However, there is no definitive evidence that these threat actors are state sponsored, so the fact they're from China doesn't mean that they are China, technically. But the circumstantial evidence is convincing.
Contrary to what samstave said, Chinese APTs aren't particularly sophisticated. They do leave a lot of footprints behind, although for obvious reasons that data is generally not made public.
Personally, no. This information came to me from the head of netsec at Lockheed in our meetings. It was conveyed in phone conversation on the netsec con calls.
That's odd, because through the media and Internet forums anywhere I can only see name pointing, not strong evidence.
If you ever have time, trace back all the "China hacking" reports; they all came from non-tech sources, just authoritative accusing. Blaming China is obviously the safest and easiest assumption, because Chinese people rarely care about or hear foreign voices anyway.
But do you happen to know that the Chinese Internet was one of the largest malware & botnet victims in the world? If you subscribe to full-disclosure you can see lots of mass security issues happening in China every day.
No, it isn't. The Chinese themselves are documenting the attacks. They made a documentary about it. It was a story here on HN. It's not exactly a secret.
Yes, it's documented, but it's DoSing Falun Gong servers, the same stuff as Anons with LOIC. But stealing IP from a company for political or commercial motives? You need much more than DoS.
First of all, my experience in this matter occurred in 2007.
Second, if you do not think that MASSIVE governmental cyberspying is taking place between pretty much everyone, then you are fooling yourself.
We have already seen the most amazing display of US/Israel cyber capability with Stuxnet.
They have been even actively ASSASSINATING nuclear engineers in Iran for fucks sake!
Just because I have been aware of China's attacks on Lockheed since 2007, and likely the first time this type of thought entered your head in ~2012 doesn't make this some propaganda campaign.
OF COURSE China is under attack from the US, Israel, France, the UK.
I am not sure if you are aware of it - but a resource war is looming in the not too distant future.
While China has secured MASSIVE natural resources and made themselves the center of all consumer/industrial manufacturing (aside from heavy industry in Germany) - the US/Israel faction has spent trillions on advanced weaponry and securing fuel resources.
So that war that is coming will be a war of attrition: US/Israel with secured fuel for N years, China with massive natural and human resources.
Right now the chess game of getting everything in place is what is underway.
While I agree a war is looming, simply accusing China without decent evidence is just like the "USA Imperialism" hatred in China without any rational reasons.
And just for the record, China relies heavily on resource imports, too. And the documentary shows exactly how poor Chinese government hacking is.
> in light of China's 50-100 year vision for where they want to be, we are basically fucked. The Chinese have been securing access to all major natural resources in Africa, as well as being the manufacturing hub for EVERYTHING - while the US government is squabbling over petty short term profit efforts and securing a diminishing resource (oil).
Is it possible for island nations with no natural resources to be wealthy? Are you familiar with the historical and economic criticisms of Mercantilism? Are you aware that world proven oil reserves are at an all time high, and that the primary source of US oil and energy imports is Canada? http://en.wikipedia.org/wiki/Mercantilism
"world proven oil reserves are at an all time high"...etc.
Unfortunately - even if this is correct, and opinions do vary - this does not counter the fact that oil is a diminishing resource. Furthermore, the quality of current reserves, in terms of oil grade and ease of extraction, is increasingly poor.
All flora, fauna, and hydrocarbons are merely aggregates of either solar or geothermal energy, which appears to be virtually infinite for the next few billion years. The rise and fall of individual business models for energy conversion does not imply deterministic limits or that military hegemony produces any benefits.
While certain metals are rare to Earth, they are overly abundant on asteroids which robots have already visited. Severe shortages would create a corresponding incentive to invest capital in extraterrestrial resource extraction, which would lead to much greater long term abundance.
In a large portion of these attacks, the attackers are using some form of modified SpyEye/ZeuS botnet source with a pre-loaded 0day (Adobe products are the target of choice since they seem to have a vuln discovery a week). Honestly, regardless of how you slice this - with a solid Social-Engineering backend, this is a very difficult problem to deal with/defend against regardless of the securities in place.
However, I will say this: I really do think it's in a company's best interests to dabble in the blackhat security markets a bit as a bystander. You can watch the development of some VERY interesting 0days, botnets, and other such goodies from an in depth perspective. That way, you can protect your mission-critical assets from the latest and greatest vulnerability before it trickles through to vulnerability notifier services.
“The U.S. government is involved in espionage against other governments,” he says flatly. “There’s a big difference, however, between the kind of cyberespionage the United States government does and China. The U.S. government doesn’t hack its way into Airbus and give Airbus the secrets to Boeing [many believe that Chinese hackers gave Boeing secrets to Airbus]. We don’t hack our way into a Chinese computer company like Huawei and provide the secrets of Huawei technology to their American competitor Cisco. [He believes Microsoft, too, was a victim of a Chinese cyber con game.] We don’t do that.”
“What do we do then?”
“We hack our way into foreign governments and collect the information off their networks. The same kind of information a CIA agent in the old days would try to buy from a spy.”
“So you’re talking about diplomatic stuff?”
“Diplomatic, military stuff but not commercial competitor stuff.”
Zero. I've never read allegations to the contrary. Commercial, as opposed to strategic, hacking is both outside the scope of the US govt and of limited value. Everybody (as in the people who count) knows that US corps have the best R&D, so why take the risk to steal something you don't need?
[I should add something about the degree of separation of govt and corps being a factor.]
I'll simply say that you have no clue what you're talking about and leave it at that. It's pretty preposterous to assume that because it's not in the US media, it doesn't happen.
If you want a declassified historical account, look back at the US IC programs to furnish sabotaged/backdoored electronics during the later years of the Cold War.
I am assuming IC == integrated circuit? Was that program targeting the USSR govt or private industry, such as may have existed? Was the backdoor designed to steal state secrets or economic secrets?
Thank you. It's funny, because the last thing I read specifically mentioned the example of Boeing and Airbus, except to say the US govt would never help Boeing like that. oops.
But your link is a little undersourced? And I'm really having a hard time with the part about Motorola. "The 1995 Motorola letter is proof positive that Bill Clinton is directly responsible for the present-day U.S. intelligence disaster." Giving Motorola an encryption export waiver (which is something crypto geeks had been fighting for for years) is proof that Clinton turned the NSA into a cash cow?
Really, I am interested in the topic, but your link is more of a hit piece than anything.
[The link noibl posted is exactly the interview I was thinking of wrt Boeing and Airbus.]
Ah, I'm sure it's pretty commonplace for the Chinese to be hacked by many other countries (US included). They are the up and coming economy. Lots going on there worth knowing about... oh and also if they have stolen R&D electronically then country X would probably snoop around Chinese machines to get hold of the information.
Intellectual property is something whose use is protected by law. (In particular, the fact that you have to break the law to obtain the information does not make it intellectual property.) These are just secrets, right?
Most things stolen in industrial espionage are either copyrighted or trade secrets, both of which fit within a formal definition of intellectual property.
all the quotes are out of context in that article.
I doubt they said anything to that effect.
My bet, if I could see the talk somewhere, is that he referred to the attacker as something generic (not "China") and then on another point talked about China's trouble with intellectual property as when they sell counterfeited Cisco gear or use code from one US company manufacturing there on a Huawei product, etc.
and the journalist just cut, mixed, and published the bomb about china being the attackers.
of course the article may only have the worst quote choices and that's exactly what he said.